Endpoint Security - How to

Balance Productivity and Security

James MEAKIN

8th September 2015

Why are business prioritizing data security?

07/09/20152

average amount paid following a security breach, up from $5.4M in 2013.3

the cost per lost or stolen record increased over the last year from $188 to $201.3

increase in records compromised due to a security breach since 2013.2

87% 29.4%of organizations have experienced a security breach in the last 12 months.1

>75Mrecords have been compromised this year in approximately 568 breaches.2

of companies concerned about lack of control and security in the Cloud.4

73%$201 $5.9M

!

Market trends are increasing pressure on endpoint

security

07/09/20153

Compliance Pressures

75% of organizations lack resources to meet compliance regulations. 73% say increasing audit burden is their biggest challenge.3

Evolving User Behavior200 million employees bring their own device to work.1

66% use free file-sharing platforms to share corporate data.2

Data Explosion

2.5 quintillion bytes of data created every day, and end users are accessing it everywhere.4

Growing ThreatsIn just one month, 280 million malicious programs, 134 million Web-borne infections, and 24 million malicious URLs are detected.5

Endpoint Security

1. Mobile Is The New Face Of Engagement, Forrester Research, February 2012

2. Workforce Mobilization: What Your I.T. Department Should Know, SkyDox, June 2012

3. 2013 State of the Endpoint, Ponemon Institute, December 2012

4. Understanding Big Data, IBM

5. Kaspersky April 2012 Threat Report

The IT balancing act

07/09/20154

End user demands

Data protection

How do you balance end user expectations to work when and where they want, on any device with the need to protect data and meet compliance?

The concept of Risk

07/09/20155

The potential that a given threat will exploit vulnerabilities and thereby cause

harm. It is measured by the probability of occurrence and its impact.

Assessing Endpoint Risk

07/09/20156

Considerable

Average

Probability of occurrence

ImpactVery Substantial Irreversible

Low

Low

High

………

Region of acceptable risk

Region of unacceptable risk

Principal Endpoint Threats

• PC theft

• PC lost

• Hardware failure

• Virus/Malware

• Inappropriate use

• Intrusion

• Weak passwords

• Compliance

What technologies help protect against these

threats?

07/09/20157

Threats Technology

Stolen or Lost PC Encryption

Hardware Failure Back-Up

Virus / APT / 0 day Anti-malware

Remote access/ Intrusion Anti malware & personal Firewall

Inappropriate use Personal Firewall & Web filters

Weak passwords Strong Authentication

Compliance Encryption

07/09/20158

Guess What ?

07/09/20159

Dell Data Security

Solutions responds to

all these challenges.

10

Dell Connected Security portfolio

Identity & Access MgmtIdentity Governance

Privileged MgmtAccess Mgmt

Compliance & IT Gov

Security ServicesIncident Response

Managed Security SvcsSecurity & Risk Consult

Threat Intelligence

EndpointDDP | Encryption

DDP | Protected WorkspaceDDP | Security Tools

Configuration & Patch ManagementMobile Management & Workspace

NetworkNext Gen Firewall

Secure Mobile AccessEmail Security

Dell’s most secure commercial PCswith Dell Data Protection Portfolio of endpoint security solutions

07/09/201511

AuthenticationEncryption Threat Protection

DDP | Encryption DDP | Security Tools DDP | Protected Workspace

DDP | Endpoint Security Suite

Integrated authentication, encryption & threat protection, centrally managed via a single console

Dell Data Protection | Encryption

BitLocker Manager

Centrally managed via the DDP | E console

Begin with software encryption

Hardware encryption for enhanced performance

Personal Edition

Locally managed for Dell & non-Dell systems

Enterprise Edition

Centrally managed for Dell & non-Dell Systems

Hardware Crypto Accelerator

FIPS 140-2 Level 3 validated

Self-Encrypting Drives (SED)Fully integrated authentication, management & reporting

Mobile Edition

Centrally manage Android and iOS security

Cloud Edition

Encrypt files in DropBox, Box & other public cloud storage

External Media Edition

Add to BitLocker or SED for complete protection

And protect data wherever it goes

07/09/201513

Dell Data Protection | Security Tools

Flexible, secure solutions to keep unauthorized users out of your data and your business

Embedded in all Latitude laptops and Dell Precision mobile workstations

Hardware based multi-factory login solutions

ControlVault™Keeps user passwords and credentials on a separately

controlled hardware chip for secure authentication

Smart Cards

Integrated Contact & contactless

smart card reader

Fingerprint

Integrated and 3rd party fingerprint reader support

Pre-boot

Pre-boot authentication with

single sign-on

Improve your login security

Dell Data Protection | Security ToolsComprehensive lineup of authentication options

07/09/201514

Dell ControlVault Security Processor

• Keeps user passwords and credentials on a separately controlled hardware chip for secure authentication

• Isolates fingerprint processing and storage from OS and physical hard drives for ultimate protection against potential compromise

• Embedded in all Latitude laptops and Dell Precision mobile workstations

Fingerprint ProcessingProcesses and stores fingerprint credentials on FIPS 201 compliant memory chip

Single Sign-OnSimple, secure access with pre-boot/ pre-Windows authentication all the way through Active Directory log on

Smartcard ControllerContact or contact-less SC support, HID iClass or FIPS 201 PIV cardsControlVault

Next Generation DDP | Security Tools

07/09/201515

• DDP | Security Tools pairs with the Security Tools mobile app

• End-users can reset a Windows password on their Dell PC, eliminating a call to the service desk

• Password reset is protected with embedded hardware and the use of one-time passwords

>30%of IT service desk calls are for password reset

Dell Data Protection | Protected WorkspaceWorks with traditional malware protection to better address the modern threat landscape

07/09/201516

Segregate untrusted contentLaunches the most highly targeted apps—Web browsers, PDF readers, Office apps, Zip files and Exe files—in a contained virtual environment or “sandbox” to protect against direct attack

Detection

Spot all forms of malwareUses behavioral-based malware identification to detect any malicious behavior – both known and zero-day attacks that the AV/AM software hasn’t learned of yet

Prevention

Stop malware in its tracksImmediately stops the attack in its tracks, disposes of the tainted sandbox, and restores the secure virtual environment

Containment

07/09/201517

Dell Data Protection | Endpoint Security Suite

A single integrated solution that protects your business, data, systems, users and reputation

Authentication Encryption

• FIPS 201 smartcards

• Fingerprint

• Windows password reset via smartphone

• Multi-factor

• Encrypt local drives & external media

• Optional hardware encryption

• Agentless Android & iOS security

• BitLocker & SED support

Threat protection

• Anti-virus

• Anti-spyware

• Host firewall

• Web Content filtering

• Server threat alerts

Simplified management

Single pane of glass

Consolidated status and compliance reporting

Virtual console options

Only Dell offers the complete portfolio of

endpoint security solutions with the

capability to address these

challenges

Complete portfolio of encryption solutions

Protect data no matter where end users take it.

Advanced malware protectionProactively protect users and data against daily threats that traditional anti-virus solutions can’t block.

Advanced AuthenticationThe largest portfolio of integrated authentication solutions that includes fingerprint and smart card support.

The high cost of doing

nothing

Luke ShutlerStrategic Alliances Manager

© 2015 Absolute Software Corporation.All rights

reserved.

20

© 2015 Absolute Software Corporation.All rights

reserved.

21

1. The regulation will apply across Europe

2. Companies are liable to fines of up to 5 percent of their corporation’s annual global turnover

3. Companies will have to notify those whose data has been breached

4. Organisations must notify the authorities about data breaches as soon as possible

5. Companies with 250 or more employees have to employ a corporate data protection officer

5 Things to considerChanges in EUGDPR Legislation 2017

© 2015 Absolute Software Corporation.All rights

reserved.

22

HOW WE DO IT

WHAT WE DO

Our Persistence® technology is embedded into the core of most Dell

devices at the factory. Once activated, it provides you with

comprehensive visibility into all of your devices allowing you to

confidently manage mobility, investigate potential threats, and take

action if a security incident occurs. Most importantly, you can apply

remote security measures to protect each device and the data it

contains.

No other technology can do this.

Absolute® provides persistent endpoint security and data risk

management solutions for computers, tablets, and smartphones.

Our customers depend on us to provide them with a unique and trusted

layer of security so they can manage mobility while remaining firmly in

control. By providing them with a reliable two-way connection with all of

their devices, our customers can secure endpoints, assess risk, and

respond appropriately to security incidents.

© 2015 Absolute Software Corporation.All rights

reserved.

23

Persistence® technology from Absolute provides you with visibility and control over all of your

devices, regardless of user or location.

1. Dell embed Persistence technology into the firmware of devices at the factory

2. Once the Absolute software agent is installed, Persistence is activated

3. An automatic reinstallation is triggered if an Absolute software client is removed from a device

4. The reinstallation will occur even if the firmware is flashed, the device is reimaged, the hard drive is replaced, or if a tablet or smartphone is wiped clean to factory settings

HOW IT WORKS:

Persistence Technology

© 2015 Absolute Software Corporation.All rights

reserved.

24

REPORTING & ANALYTICS

GEOTECHNOLOGY

RISK ASSESSMENT

RISK RESPONSE

ENDPOINT INVESTIGATIONS

Feature Categories

=

25© 2015 Absolute Software Corporation.All rights

reserved.